Dog Bites Man — Internet Bank Heist Version

…in two precision operations that involved people in more than two dozen countries acting in close coordination and with surgical precision, the organization was able to steal $45 million from thousands of A.T.M.’s in a matter of hours.

In New York City alone, the thieves responsible for A.T.M. withdrawals struck 2,904 machines over 10 hours on Feb. 19, withdrawing $2.4 million.

The scam was simple and very smart: hack credit card processing companies in India and the US; then raise the credit limits on pre-paid debit cards issued by a couple of banks in the Persian Gulf. Clone the data on said cards so that teams IRL could hit machines in multiple countries, stuffing wads of cash in backpacks that surveillance video shows getting heavier and heavier. Rince, repeat, profit.

All this comes out of an unsealed indictment for a New York City crew of eight involved in the impressively effortful spree noted in the quote above.

Don’t try this at home, kids — not only is it a pretty hefty felony, and not your money and all that — but then there’s this:

The authorities said the leader of the New York cashing crew was Alberto Lajud-Peña, 23, who also went by the name Prime. His body was found in the Dominican Republic on April 27 and prosecutors said they believe he was killed.

I have no doubt that there are folks involved in this that you really, really don’t want to irritate. None of the putative kingpins have been identified, but in an even less surprising footnote to the tale, the authorities are tracking down some of the loot in predictable forms:

The authorities have already seized hundreds of thousands of dollars from bank accounts, two Rolex watches and a Mercedes S.U.V., and are in the process of seizing a Porsche Panamera.

Part of me says that this is something to note because so much of the financial life of individuals and the economy writ large depends on the secure functioning of — and user trust in — global banking systems at every level from the corner ATM to the massive inter-bank clearing mechanisms.

The cyber security people I talk to have to hold their hands over the mouths to stop themselves from blurting “WAKE UP SHEEPLE!!!!!” — as that trust rests on a rickety tangle of hardware and software. So while there’s a kind of Great Train Robbery thrill to the idea of capers like these, this could get ugly indeed.